Tailscale patches critical root access and denial-of-service flaws in version 1.98.9
The cybersecurity software platform has released an urgent update to resolve vulnerabilities reported by Anthropic and Ada Logics that could allow unauthorised root access or indefinite CPU consumption.
Tailscale has released version 1.98.9 to address two critical security vulnerabilities within its client and service software. The update resolves an insecure argument handling flaw in Tailscale SSH that permitted unauthorised root access on Linux systems, as well as a denial-of-service vulnerability in Tailscale Serve and Funnel services where malformed HTTP requests could cause indefinite CPU consumption.
The SSH vulnerability stemmed from Tailscale accepting usernames with leading dashes, such as `-i`, which were passed as arguments to the `getent(1)` command on Linux. When the username `-i` was used, the system interpreted it as the `--no-idn` flag, causing `getent` to print the entire passwd file and allowing Tailscale to open an interactive root session. This effectively bypassed Access Control List restrictions, enabling a user with SSH access to obtain root privileges in violation of policy.
In response to the SSH flaw, Tailscale now rejects usernames with leading dashes. The company noted that users of Tailscale SSH on Linux hosts relying on autogroup:nonroot user restrictions in ACLs should upgrade to version 1.98.9 or newer to mitigate the risk of unauthorised root access.
The second issue involved a denial-of-service vulnerability in Tailscale Serve and Funnel, services that proxy incoming HTTP requests to local backends. The flaw occurred because Tailscale’s path resolution logic walked request directories upward indefinitely if the path did not begin with a forward slash. This caused a goroutine to spin at 100% CPU usage without a timeout, pinning a core indefinitely.
Tailscale has now terminated path walks for non-absolute paths, returning no handler and closing the request. For Tailscale Serve, the request could originate from any peer on the tailnet with access to the node, while for Tailscale Funnel, it could originate from any unauthenticated host on the internet. Nodes running these services on versions prior to 1.98.9 are advised to upgrade immediately.
The vulnerabilities were reported by Anthropic and Ada Logics. Tailscale confirmed that the fixes are included in version 1.98.9 and newer, urging all affected users to apply the patch to secure their networks against these specific exploitation vectors.

